2FA authentication


We are adding Two-Factor Authentication (2FA) for Previo login and for displaying the full details of credit cards (for displaying cards 2FA is mandatory from 30.10.2023). It is in your own interrest to activate the 2FA authorization for all of your users in order to keep the data of your guests save and sound.

2FA is not activated automatically for all users profiles in your Previo profile but needs to be activated manually because it goes hand to hand with few more settings.

For verification we have so far choosed the Google Authenticator app, which can be downloaded using the links bellow:

Download the Google Authenticator app only from the links provided above. The app is free of charge and there are no licence or monthly fees for it. Rather double check if you have downloaded the correct app. Also the name of the app is Google Authenticator but you do not have to have a gmail account.

How to activate 2FA?

1. In Settings / Users / Users open edit window of specific user and activate „Active 2FA using the Google Authenticator“ and save the user profile.

2. Log out of Previo.

3. Afer re-logging in using your user name and password you will be asked to connect your account with Google Authenticator using the provided QR code or alphanumeric code bellow the QR. At this moment do not press “next” button and proceed to next step of this manual.

 

4. Open the Google Authenticator app on your mobile device and select scanning of QR code or manual rewritting of code to app. Scan/rewrite the code from the login page.

In the app you will see that your account has been added and you will also see unique 6 character long code which is being re-generated every minute.

5. Now back to Previo login screen. Click on next and in next step copy/write down the unique code from the Google Authenticator app and confirm it.

5. You will be logged in to Previo and your verification is finished.

6. On your next login from the same browser/device you will not be asked for the verification again. Verification will be required only in case you will try to log in from different browser or new device. You can also encounter additional verification in case you delete your browsers cookies and history.

What to do if you continued from QR code to next step before you connected your account to the Google Authenticator app?

Ask somebody else (user) from your Previo profile (hotel) who at the same time has the user permission to edit users to deactivate 2FA for your account. Then after saving of this change, this other person should reactivate 2FA for you.  When you will try to relogin you will  see new QR code and you can continue the 3rd point of the manual above.

What to do if you delete Google Authenticator app or you lose your phone?

Ask somebody else (user) from your Previo profile (hotel) who at the same time has the user permission to edit users to deactivate 2FA for your account. Then after saving of this change, this other person should reactivate 2FA for you. This process leads to deleting of 2FA authentication key for your profile. When you try to log in to Previo next time you will be again asked about new connection of your account with Google Authenticator app using the QR code.

What to do in case you have a new phone? Can you transfer the accounts to new device?

Yes it is possible and all you need is just the old and new device with Google Authenticator app installed. Complete manual for transfer can be found here.

What to do in case we use one Previo user for multiple people working in Previo system?

From the security point of view this approach is absolutely incorrect. One person working with Previo should equal one user profile with unique login name and password. One of the reasons for this is definitely a security and the other point is that with multiple users you can trace activities in the system (who changed the pricelist, who deleted reservation etc. Also in case of stolen password the risk is much smaller in case it is stolen from one employee than from one shared account.

Also when some of your employees leaves the company you do not have to change the general password for the shared account for everyone. All you need to do is block or delete the user account of this employee.

Why do we undergo this change which “will not save you any time”?

You can hear it almost every day lost passwords, data breaches, fraud messages or other variations of web criminality. Vigilance is important especially in online environment and that is valid also for using the Previo. Therefore we need to increase our safety measures to make sure credit card details and other sensitive information about your guests in Previo are safe.

We understand that at the start you might be struggling with the basic settings but from long-term view this step is vital for security of your data. Also as mentioned above after initial settings the authorization will not be required when logging in from the same device. On the other hand if someone will steal your login email and password this person will not be able to log in to Previo with this extra security layer.